<?php
session_start();
if(isset($_SESSION['lang']))
    require_once "./language_files/send_" . $_SESSION['lang'] . ".php";
else
    require_once "./language_files/send_en.php";

require_once "functions.php";
$member_id=$_SESSION['member_id'];
$conf=mysql_real_escape_string($_POST['conference']);
if(isset($_POST['reviewers']) || isset($_POST['authors']) || (isset($_POST['reviewers']) && isset($_POST['authors'])))
{
    if($_POST['TextBox'] != null && isset($_POST['TextBox']) && isset($_POST['subject']) && $_POST['subject'] != null)
    {

        $subject = $_POST['subject'];
        $message=$_POST['TextBox'];
        echo sendMessage($message,$subject);
    }
    else
    {
        echo $lang['error_2'];
    }
}
else
{
    echo $lang['error_3'];
}
//send the message to all the authors selected
function sendMessage($message,$subject)
{
    $message=mysql_escape_string($message);
    $subject=mysql_escape_string($subject);
    global $lang;
    $member_id=$_SESSION['member_id'];
    $conf=mysql_real_escape_string($_POST['conference']);
    if(isset($_POST['reviewers']) && isset($_POST['authors']))
    {
        $x=$_POST['authors'];
        if(isset($x) && is_array($x))
        {
            //put all the authors selected in an array
            $fulexp=implode(",",$x);
            //loop on each author and insert the message in the database
            foreach($x as $item)
            {
                $var=intval($item);
                mysql_query("INSERT INTO messages (message, subject, date_sent) VALUES ('$message','$subject', NOW())");
                $message_id=mysql_query("SELECT * FROM messages WHERE message='$message'");
                While($row=mysql_fetch_assoc($message_id))
                {
                    $mesid=$row['message_id'];
                }
                $re=mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                VALUES ($member_id, $var, $conf, $mesid)");
                $sender_email=$_SESSION['email'];
                $to=get_email_byId($var);
                $sub="You got new message from {$sender_email}";
                $body = "";
                if(strlen($message) > 50)
                {
                    $body=substr($message,0,50) . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                } else {
                    $body=$message . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                }
                $from=$subject;
                $rem=mail($to,$sub,$body,$from) or die("mail");
            }
            //notify the user that the message is sent
        }
        $y=$_POST['reviewers'];
        if(isset($y) && is_array($y))
        {
            //put all the reviewers selected in an array
            $fulexp=implode(",",$y);
            //loop on each author and insert the message in the database
            foreach($y as $item)
            {
                $var=intval($item);
                mysql_query("INSERT INTO messages (message, subject, date_sent) VALUES ('$message', '$subject', NOW())");
                $message_id=mysql_query("SELECT * FROM messages WHERE message='$message'");

                While($row=mysql_fetch_assoc($message_id))
                {
                    $mesid=$row['message_id'];
                }
                $re=mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                    VALUES ($member_id, $var, $conf,  $mesid)");

               $sender_email=$_SESSION['email'];
                $to=get_email_byId($var);
                $sub="You got new message from {$sender_email}";
                $body = "";
                if(strlen($message) > 50)
                {
                    $body=substr($message,0,50) . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                } else {
                    $body=$message . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                }
                $from=$subject;
                $rem=mail($to,$sub,$body,$from) or die("mail");
            }
            //notify the user that the message is sent
        }
        echo $lang['sent'];
    }
    //check if there were any authors selected and if the template is not thank you
    else if(isset($_POST['authors']) && !isset($_POST['reviewers']))
    {
        $x=$_POST['authors'];
        if(isset($x) && is_array($x))
        {
            //put all the authors selected in an array
            $fulexp=implode(",",$x);

            //loop on each author and insert the message in the database
            foreach($x as $item)
            {
                $var=intval($item);
                mysql_query("INSERT INTO messages (message, subject, date_sent) VALUES ('$message','$subject', NOW())");
                $message_id=mysql_query("SELECT * FROM messages WHERE message='$message'");
                While($row=mysql_fetch_assoc($message_id))
                {
                    $mesid=$row['message_id'];
                }
                $re=mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                VALUES ($member_id, $var, $conf, $mesid)");

                $sender_email=$_SESSION['email'];
                $to=get_email_byId($var);
                $sub="You got new message from {$sender_email}";
                $body = "";
                if(strlen($message) > 50)
                {
                    $body=substr($message,0,50) . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                } else {
                    $body=$message . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                }
                $from=$subject;
                $rem=mail($to,$sub,$body,$from) or die("mail");
            }
            //notify the user that the message is sent
            echo $lang['sent'];
        }
    }
    else if(isset($_POST['reviewers']) && !isset($_POST['authors']))
    {
        $y=$_POST['reviewers'];
        if(isset($y) && is_array($y))
        {
            //put all the reviewers selected in an array
            $fulexp=implode(",",$y);
            //loop on each author and insert the message in the database
            foreach($y as $item)
            {
                $var=intval($item);
                mysql_query("INSERT INTO messages (message, subject, date_sent) VALUES ('$message', '$subject', NOW())");
                $message_id=mysql_query("SELECT * FROM messages WHERE message='$message'");

                While($row=mysql_fetch_assoc($message_id))
                {
                    $mesid=$row['message_id'];
                }
                $re=mysql_query("INSERT INTO member_message_member (member_id1, member_id2,conference_id, message_id)
                                    VALUES ($member_id, $var, $conf,  $mesid)");

                $sender_email=$_SESSION['email'];
                $to=get_email_byId($var);
                $sub="You got new message from {$sender_email}";
                $body = "";
                if(strlen($message) > 50)
                {
                    $body=substr($message,0,50) . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                } else {
                    $body=$message . "...
                    to check it please visit {$_SERVER['SERVER_NAME']}/confo/main.php?page=viewMessage.php&message_id={$mesid}";
                }
                $from=$subject;
                $rem=mail($to,$sub,$body,$from) or die("mail");
            }
            //notify the user that the message is sent
            echo $lang['sent'];
        }
    }
}
?>